VIRUS ALERT 'You need to get a parcel Order'

If you receive the following e-mail, it is fraudulent, and the attachment contains a virus. This e-mail WAS NOT sent from FedEx.

How to tell:

1) What is the originating address? In this case, the address was spoofed to appear to be FedEx, so the message would be opened by many people unaware.

2) Are there spelling and grammar mistakes? The message below contained only one misspelling.

3) Is there a .zip attachment? This always makes the message suspect. Do not easily open .zip attachments.

4) If you go all the way to opening the .zip file, you should see an executable file inside. Its filename may be similar to FedEx_Invoice _Copy_N12-3464.exe. DO NOT open (by double-clicking) any .exe files from e-mail attachments.

5) The "from" address is easy to be spoofed. When you receive a suspect e-mail, inspect its header. Research elsewhere on how to interpret e-mail headers.

 

If you receive a suspect e-mail which appears to be from FedEx, call their support, and forward the message to ABUSE AT FEDEX DOT COM.

 

HEADER:

x-store-info:4r51+eLowCe79NzwdU2kR3P+ctWZsO+J
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 128.121.78.220) header.from=day-definite@fedex.com; dkim=none header.d=fedex.com; x-hmca=none
X-Message-Status: n:0:n
X-SID-PRA: FedEx Support <day-definite@fedex.com>
X-DKIM-Result: None
X-AUTH-Result: NONE
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTl0ixkxgMSCpVX90CdQX/xNWe0E8I6KYkxvJf9POiswxSvcE/xSbMor477YOAxGVbdKKV3gigUjenjjzAfKd9ejd3/HtG+lNTAwrKv00lyiyK8dMMDKuHzk
Received: from canserver.com ([128.121.78.220]) by SNT0-MC1-F12.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Mon, 12 Mar 2012 07:38:56 -0700
Received: from canserver.com (localhost [127.0.0.1])
by canserver.com (8.13.6.20060614/8.13.6) with ESMTP id q2CEcuBr015751
for <>; Mon, 12 Mar 2012 07:38:56 -0700 (PDT)
Received: (from www@localhost)
by canserver.com (8.13.6.20060614/8.13.6/Submit) id q2CEcu6V015748;
Mon, 12 Mar 2012 07:38:56 -0700 (PDT)
Date: Mon, 12 Mar 2012 07:38:56 -0700 (PDT)
Message-Id: <201203121438.q2CEcu6V015748@canserver.com>
To:
Subject: You need to get a parcel Order 9723
From: "FedEx Support" <day-definite@fedex.com>
X-Mailer: HiveMail1.2.1
Reply-To: "FedEx Support" <day-definite@fedex.com>
Mime-Version: 1.0
Content-Type: multipart/mixed;boundary="----------13315631364F5E0A8002865"
Return-Path: www@canserver.com
X-OriginalArrivalTime: 12 Mar 2012 14:38:56.0835 (UTC) FILETIME=[DAEA2930:01CD005D]

------------13315631364F5E0A8002865
Content-Type: text/html;
Content-Transfer-Encoding: 8bit

FedEx notification, <BR>
<BR>
The delivery service couldn’t deliver your package. <BR>
The package weight exceeds the allowable free-delivery limit. <BR>
<BR>
You have to receive your packagen  personally. <BR>
Print out the "Invoice Copy" attached and collect the package at our office.<BR>
<BR>
Please read carefully the attached information before receiving your package. <BR>
<BR>
Thank you.
FedEx Global Services. <BR>

------------13315631364F5E0A8002865
Content-Type: application/octet-stream;name="FedEx_Invoice _Copy_N12-3464.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;filename="FedEx_Invoice _Copy_N12-3464.zip"

 

MESSAGE:

 

SUBJECT:

You need to get a parcel Order 9723‏ 

ATTACHMENT:

FedEx_Invoice _Copy_N12-3464.zip

BODY:

FedEx notification,

The delivery service couldn't deliver your package.
The package weight exceeds the allowable free-delivery limit.

You have to receive your packagen personally.
Print out the "Invoice Copy" attached and collect the package at our office.

Please read carefully the attached information before receiving your package.

Thank you. FedEx Global Services.



˅˅˅ Additional valuable information is available at one of the links below: ˅˅˅

 

Did you like the article? Let Google Search know by clicking this button: . Please link to content that you find useful on this website on your own website, forum or blog! You can also comment on this page below, or contact me to ask a question or suggest a topic for me to research. There is a user-editable Wiki available on my website, as well as a Forum that you can contribute to. Site Map.

Page last modified 20-Aug-12 21:58:46 EDT
Comments on this page:


Add a comment to this page
Comment Title:
Your Name:
Your Email Address:
Notify me of new comments to this item:
Additional Comments:
This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)